94.249.52.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Jordan

Internet Service Provider: Jordan Telecom Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	DATE:2019-07-31 00:29:47, IP:94.249.52.91, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-07-31 15:54:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.249.52.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27784
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.249.52.91.			IN	A

;; AUTHORITY SECTION:
.			2024	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073100 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 31 15:54:46 CST 2019
;; MSG SIZE  rcvd: 116

Host info

91.52.249.94.in-addr.arpa domain name pointer 94.249.x.91.go.com.jo.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
91.52.249.94.in-addr.arpa	name = 94.249.x.91.go.com.jo.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.145.178.134	attack	ssh brute force	2020-09-07 13:39:22
2001:4451:827c:3300:a11a:5144:dc38:88a1	attackspambots	Wordpress attack	2020-09-07 13:25:46
113.230.211.180	attackbots	TCP (SYN) 113.230.211.180:54438 -> port 23, len 40	2020-09-07 13:51:00
60.250.67.47	attackspambots	Sep 6 20:14:58 home sshd[1021577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.67.47 Sep 6 20:14:58 home sshd[1021577]: Invalid user trevor from 60.250.67.47 port 55034 Sep 6 20:15:00 home sshd[1021577]: Failed password for invalid user trevor from 60.250.67.47 port 55034 ssh2 Sep 6 20:16:53 home sshd[1021759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.67.47 user=root Sep 6 20:16:55 home sshd[1021759]: Failed password for root from 60.250.67.47 port 55604 ssh2 ...	2020-09-07 13:59:32
170.83.188.144	attack	Brute force attempt	2020-09-07 13:46:12
54.37.68.191	attackbots	Sep 7 07:10:17 root sshd[26272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.191 ...	2020-09-07 13:53:49
165.22.122.246	attackspambots	$f2bV_matches	2020-09-07 13:57:18
142.44.246.156	attack	$lgm	2020-09-07 13:47:04
49.233.77.12	attack	Failed password for invalid user uu from 49.233.77.12 port 59512 ssh2	2020-09-07 13:35:59
92.46.124.194	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 13:22:07
173.252.95.36	attackbots	[Sun Sep 06 23:53:43.920622 2020] [:error] [pid 31433:tid 140397593237248] [client 173.252.95.36:54642] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/total-v62.js"] [unique_id "X1UUF3Jrmc0na8dwfwZeEAAAZgo"] ...	2020-09-07 13:25:14
46.148.96.202	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 14:05:19
178.63.88.48	attackspam	/wp-login.php	2020-09-07 13:31:18
207.244.70.35	attackbots	Brute-force attempt banned	2020-09-07 13:41:18
176.92.193.227	attackspambots	Telnet Server BruteForce Attack	2020-09-07 13:40:01

Recently Reported IPs

134.56.57.169	31.7.62.70	206.214.2.70	69.162.83.34
111.254.62.186	60.3.188.136	177.205.5.134	91.210.144.254
129.204.171.74	197.44.22.102	195.7.0.155	200.1.221.134
116.255.183.120	200.66.117.148	185.228.82.200	36.235.67.174
182.50.130.48	125.212.176.220	37.114.132.232	107.84.177.247